Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/KR3QIjzXkSUREQYDzjSfo0rNQp8.roa
File: KR3QIjzXkSUREQYDzjSfo0rNQp8.roa (raw, json)
Hash identifier: i1s/vP/B6ucCkG17cuPDivp7lDpYe78UEQzFQMdFh6w=
Subject key identifier: 29:1D:D0:22:3C:D7:91:25:11:11:06:03:CE:34:9F:A3:4A:CD:42:9F
Certificate issuer: /CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Certificate serial: 018B5C8DC2A865197ADEA86FA7AEBEE3F735
Authority key identifier: D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/KR3QIjzXkSUREQYDzjSfo0rNQp8.roa
Signing time: Mon 23 Oct 2023 12:41:16 +0000
ROA not before: Mon 23 Oct 2023 12:41:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59745
IP address blocks: 45.151.92.0/22 maxlen: 24
80.66.96.0/20 maxlen: 24
185.198.200.0/22 maxlen: 24
2a02:340::/32 maxlen: 32
2a0a:8ec0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:8d:c2:a8:65:19:7a:de:a8:6f:a7:ae:be:e3:f7:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c3b12c8d635190ec928437bbd6cb0e8c38f9a9
Validity
Not Before: Oct 23 12:41:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=291dd0223cd7912511110603ce349fa34acd429f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:02:92:a3:19:5b:af:04:5a:28:bc:c4:99:c9:
a2:87:57:2f:cd:cf:44:fa:72:0f:c9:37:94:94:d4:
e9:44:3a:08:06:50:30:0b:dc:34:11:d0:55:56:89:
3c:66:a3:29:57:58:aa:35:17:b7:70:11:bf:e4:06:
a8:02:15:30:b3:75:5c:51:33:40:a4:bf:a8:30:1c:
1a:85:3f:86:3f:ea:a1:93:a9:64:11:88:72:35:a0:
57:cd:67:b9:56:00:97:3e:1a:89:3f:ac:f5:aa:49:
81:ed:ce:e1:0d:51:50:4c:c2:30:89:73:ee:63:75:
50:ff:cb:e0:ea:0d:7c:08:59:62:74:ef:0c:71:d1:
16:09:a5:c9:01:ba:8e:86:b5:e3:45:44:a0:3f:5a:
f3:9f:3c:bb:61:30:f7:0c:77:d8:71:6d:6a:74:90:
e3:b6:5b:d0:f4:ca:47:cd:e3:37:3d:20:60:02:2d:
f6:a9:da:4b:fd:86:67:1b:ba:39:31:44:88:35:7a:
c6:69:80:f8:87:2e:6d:56:f5:40:aa:a7:9e:fe:f9:
83:65:1d:fa:07:04:57:ab:22:97:38:fb:2f:74:c2:
1a:06:a6:70:a8:e0:44:59:d4:72:5d:bf:32:96:3b:
75:ff:80:e4:76:ee:02:f1:04:bf:10:82:6a:34:58:
e0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1D:D0:22:3C:D7:91:25:11:11:06:03:CE:34:9F:A3:4A:CD:42:9F
X509v3 Authority Key Identifier:
keyid:D4:C3:B1:2C:8D:63:51:90:EC:92:84:37:BB:D6:CB:0E:8C:38:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MOxLI1jUZDskoQ3u9bLDow4-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/KR3QIjzXkSUREQYDzjSfo0rNQp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2fb593-43f5-4db7-9819-0f9d57a5d4fa/1/1MOxLI1jUZDskoQ3u9bLDow4-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.92.0/22
80.66.96.0/20
185.198.200.0/22
IPv6:
2a02:340::/32
2a0a:8ec0::/29
Signature Algorithm: sha256WithRSAEncryption
61:06:2f:e9:ab:e3:ae:68:c1:21:b1:9f:ef:c7:79:2a:d4:b7:
65:c1:48:2f:1a:e0:33:d6:46:ca:0a:73:26:87:61:db:59:fa:
0c:c9:a4:61:4e:15:af:fe:96:54:15:1e:d2:00:d5:78:fb:7c:
20:22:b8:d3:f7:af:e4:e4:45:d8:fc:b4:81:1f:54:ec:19:4c:
ec:97:ee:ca:24:99:f2:18:f2:9d:b9:6e:db:5d:a9:83:49:51:
d7:a4:ed:cf:ce:f5:a4:39:92:72:aa:53:96:ae:32:da:54:53:
e7:15:bc:6a:0b:ee:15:95:e5:40:30:ee:eb:16:1e:a7:2b:7d:
4a:6a:76:7f:b3:33:80:7b:25:8b:d7:9f:20:e3:5a:86:b0:e5:
92:eb:0a:56:4a:85:8b:c1:38:68:93:54:66:ab:96:b0:6c:4d:
b0:dd:f6:ac:31:e6:57:17:72:c8:c5:51:7e:e7:41:c9:ca:af:
b5:fb:0d:04:ed:e7:eb:26:5c:ca:6c:6b:df:7c:3a:09:a2:4e:
d6:31:04:d6:01:07:ea:c4:2e:18:98:4c:b9:2f:02:e4:24:3e:
a5:69:63:5f:99:de:8b:f2:58:d6:8c:07:d4:42:26:eb:c2:a6:
1d:04:54:80:6c:1a:8c:b5:07:81:ad:f2:86:6d:0e:ac:a6:5a:
53:e6:1f:d5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYtcjcKoZRl63qhvp66+4/c1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YzNiMTJjOGQ2MzUxOTBlYzkyODQzN2JiZDZjYjBlOGMz
OGY5YTkwHhcNMjMxMDIzMTI0MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTFkZDAyMjNjZDc5MTI1MTExMTA2MDNjZTM0OWZhMzRhY2Q0MjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwKSoxlbrwRaKLzEmcmih1cvzc9E
+nIPyTeUlNTpRDoIBlAwC9w0EdBVVok8ZqMpV1iqNRe3cBG/5AaoAhUws3VcUTNA
pL+oMBwahT+GP+qhk6lkEYhyNaBXzWe5VgCXPhqJP6z1qkmB7c7hDVFQTMIwiXPu
Y3VQ/8vg6g18CFlidO8McdEWCaXJAbqOhrXjRUSgP1rznzy7YTD3DHfYcW1qdJDj
tlvQ9MpHzeM3PSBgAi32qdpL/YZnG7o5MUSINXrGaYD4hy5tVvVAqqee/vmDZR36
BwRXqyKXOPsvdMIaBqZwqOBEWdRyXb8yljt1/4Dkdu4C8QS/EIJqNFjgywIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCkd0CI815ElEREGA840n6NKzUKfMB8GA1UdIwQY
MBaAFNTDsSyNY1GQ7JKEN7vWyw6MOPmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTkt
MGY5ZDU3YTVkNGZhLzEvS1IzUUlqelhrU1VSRVFZRHpqU2ZvMHJOUXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZmI1OTMtNDNmNS00ZGI3LTk4MTktMGY5ZDU3YTVkNGZh
LzEvMU1PeExJMWpVWkRza29RM3U5YkxEb3c0LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCLZdcAwQE
UEJgAwQCucbIMBQEAgACMA4DBQAqAgNAAwUDKgqOwDANBgkqhkiG9w0BAQsFAAOC
AQEAYQYv6avjrmjBIbGf78d5KtS3ZcFILxrgM9ZGygpzJodh21n6DMmkYU4Vr/6W
VBUe0gDVePt8ICK40/ev5ORF2Py0gR9U7BlM7JfuyiSZ8hjynblu212pg0lR16Tt
z871pDmScqpTlq4y2lRT5xW8agvuFZXlQDDu6xYepyt9Smp2f7MzgHsli9efIONa
hrDlkusKVkqFi8E4aJNUZquWsGxNsN32rDHmVxdyyMVRfudBycqvtfsNBO3n6yZc
ymxr33w6CaJO1jEE1gEH6sQuGJhMuS8C5CQ+pWljX5nei/JY1owH1EIm68KmHQRU
gGwajLUHga3yhm0OrKZaU+Yf1Q==
-----END CERTIFICATE-----
Generated at Tue Oct 24 06:53:00 2023 by rpki-client on console-ams.rpki-client.org